class ApplicationController < ActionController::Base
	before_filter :authorize
	before_filter :store_path
	before_filter :authorise_user
	protect_from_forgery
  
	protected
  
	def authorize
		unless User.find_by_id(session[:user_id])
			redirect_to root_url, :alert => "Please log in"
		end
	end
	
	def store_path
		 session[:return_to] = request.referer
	end
	
	def current_user
		return Entity.find(session[:user_id])
	end
	
	def authorise_user
		if !params[:id].nil?
			unless ((params[:id].to_s) == (session[:user_id].to_s)) || ((Group.exists?params[:id].to_i) && (!Administrate.find_by_entity_id_and_group_id(session[:user_id],params[:id]).nil?))
				redirect_to root_url, :alert => "Don't be naughty!"
			end
		end
	end
end
